none
Managing Workgroup Server RRS feed

  • Question

  • Hi guys,

    We have a security server which I believe is located in our DMZ. It is workgroup and not connected to the domain.

    I can ping the SCOM server from the security server by name/IP but if pinging from the SCOM server to the security server I am only able to resolve by IP.

    I have installed the SCOM agent manually on the security server however the event logs say it can't communicate as is seen as untrusted.

    I've read various articles saying I would need a certificate to manage any workgroup PCs. Is this true? Or is there another way of doing it.

    We use Digicert as our certificate supplier - so third-party. Can you provide a really straightforward guide on how I can achieve being able to monitor this workgroup server.

    Thanks - Travis

    Wednesday, December 14, 2016 4:53 PM

All replies

  • HI ,

    You need to have the certificate signed . Follow the steps in

    https://blogs.technet.microsoft.com/stefan_stranger/2012/04/17/monitoring-non-domain-members-with-om-2012/

    https://tmitegypt.wordpress.com/2012/11/26/iinstall-a-system-center-operations-manager-agent-on-a-workgroup-computer-without-using-a-gateway-server/

     (Please take a moment to "Vote as Helpful" and/or "Mark as Answer" where applicable. This helps the community, keeps the forums tidy, and recognizes useful contributions. Thanks!)

    Wednesday, December 14, 2016 5:17 PM
  • Hello Travis,

    You need to have the signed certificate every time you need monitor a computer in a non trusted domain. 

    Wednesday, December 14, 2016 8:13 PM